Browse Publications Technical Papers 12-07-02-0008

A Deep Neural Network Attack Simulation against Data Storage of Autonomous Vehicles 12-07-02-0008

This also appears in SAE International Journal of Connected and Automated Vehicles-V133-12EJ

In the pursuit of advancing autonomous vehicles (AVs), data-driven algorithms have become pivotal in replacing human perception and decision-making. While deep neural networks (DNNs) hold promise for perception tasks, the potential for catastrophic consequences due to algorithmic flaws is concerning. A well-known incident in 2016, involving a Tesla autopilot misidentifying a white truck as a cloud, underscores the risks and security vulnerabilities. In this article, we present a novel threat model and risk assessment (TARA) analysis on AV data storage, delving into potential threats and damage scenarios. Specifically, we focus on DNN parameter manipulation attacks, evaluating their impact on three distinct algorithms for traffic sign classification and lane assist. Our comprehensive tests and simulations reveal that even a single bit-flip of a DNN parameter can severely degrade classification accuracy to less than 10%, posing significant risks to the overall performance and safety of AVs. Additionally, we identify critical parameters based on bit position, layer position, and bit-flipping direction, offering essential insights for developing robust security measures in autonomous vehicle systems.


Subscribers can view annotate, and download all of SAE's content. Learn More »